Created
February 12, 2015 20:43
-
-
Save arubdesu/e03179b8c79cb33070f3 to your computer and use it in GitHub Desktop.
Symantec DLP postflight
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
InstallParentPath=/Library/Manufacturer | |
InstallPath="$InstallParentPath/Endpoint Agent" | |
PGPBinaryPath="$InstallPath/Frameworks/PGP.framework/PGP" | |
AgentPlistPath=/Library/LaunchDaemons/com.symantec.manufacturer.agent.plist | |
cleanup_and_exist_if_failure() { | |
if [ $1 -ne 0 ] | |
then | |
echo "$2, Running cleanup..." | |
rm -rf "$InstallParentPath" | |
rm -f $AgentPlistPath | |
exit $1 | |
fi | |
} | |
set_permissions_and_ownership() { | |
# for Agent daemon launchd plist | |
/bin/chmod ug=r,o= $AgentPlistPath | |
cleanup_and_exist_if_failure $? "Unexpected error: could not set the permissions on daemon plist." | |
/usr/sbin/chown root:wheel $AgentPlistPath | |
cleanup_and_exist_if_failure $? "Unexpected error: could not set the ownership on daemon plist." | |
# for Install dir | |
# set ownership for all directories and files in install dir | |
/usr/sbin/chown root:wheel $InstallParentPath | |
cleanup_and_exist_if_failure $? "Unexpected error: could not set the ownership on install path." | |
# set default permissions for all directories and files in install dir | |
/bin/chmod -R ugo=r $InstallParentPath | |
# set rx for all the directories in install dir | |
/bin/chmod -R ugo=rX $InstallParentPath | |
cleanup_and_exist_if_failure $? "Unexpected error: could not set the permissions on install path." | |
/bin/chmod u=rwx,go=rx "$InstallPath" | |
/bin/chmod u=rx,go= "$PGPBinaryPath" | |
/bin/chmod u=rx,go= "$InstallPath/edpa" | |
/bin/chmod ug=rx,o= "$InstallPath/start_agent" | |
cd "$InstallPath" | |
/bin/chmod u=rx,go= *.dylib | |
cd - | |
# for Verity files | |
cd "$InstallPath/Verity" | |
/bin/chmod u=rx,go= *.so *.jnilib kvoop filter tstxtract | |
/bin/chmod u=r,go= kv.lic *.ini | |
cd - | |
} | |
function install_tools | |
{ | |
TOOLS_DIR="$PWD/Tools/" | |
if [ ! -d "$TOOLS_DIR" ]; then | |
return 0 | |
fi | |
echo "Installing Tools" | |
FILES="$PWD/Tools/*" | |
for f in $FILES | |
do | |
name=$(basename "$f") | |
if [ "$name" == "*" ]; then | |
break; | |
fi | |
if [ -d "$f" ]; then | |
cp -Rf "$TOOLS_DIR/$name" "$InstallPath/" | |
chown -R root:wheel "$InstallPath/$name" | |
chmod -R 550 "$InstallPath/$name" | |
else | |
cp -f "$TOOLS_DIR/$name" "$InstallPath/" | |
chown root:wheel "$InstallPath/$name" | |
chmod 550 "$InstallPath/$name" | |
fi | |
done | |
echo "Tools Installed" | |
} | |
ProductVersion=`defaults read $PWD/Info CFBundleVersion` | |
# Read existing version for upgrade scenario. | |
pkgutil --pkg-info-plist $INSTALL_PKG_SESSION_ID > $PWD/pkgInfo.plist | |
if [ $? -ne 0 ] | |
then | |
echo "Installing $ProductVersion ..." | |
set_permissions_and_ownership | |
DYLD_LIBRARY_PATH=$PWD ProductVersion=$ProductVersion ./CustomAction | |
resultCustomAction=$? | |
cleanup_and_exist_if_failure $resultCustomAction "CustomAction returned with an error." | |
else | |
echo "Repairing installation $ProductVersion ..." | |
# preinstall checks allow only new installation or repair. Not checking here again. | |
fi | |
install_tools | |
launchctl load $AgentPlistPath | |
cleanup_and_exist_if_failure $? "Unexpected error: could not load the DLP Endpoint Agent" | |
echo "End of postinstall" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment